As a Senior IT Security & Compliance Consultant at Network Right, you’ll help our clients build and maintain strong security and compliance programs that meet today’s most rigorous standards — including SOC 2, ISO, GDPR, NIST CSF, and related frameworks.
You’ll act as a trusted advisor to high-growth startups and enterprises, guiding them through compliance readiness, audit preparation, and ongoing risk management. This role blends strategic consulting, operational execution, and exceptional client service, all in support of Network Right’s mission to make world-class IT and cybersecurity accessible and human-centered.
Candidates in SF or NYC will be considered for a hybrid onsite position.
Key Responsibilities
Serve as the primary compliance advisor for assigned clients, leading engagements from gap assessments to audit completion.
Develop and manage remediation roadmaps aligned with frameworks such as NIST CSF, SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, and HITRUST.
Coordinate audit readiness, evidence collection, and communication with clients, auditors and vendors.
Oversee client risk management activities, including risk identification, assessment, and mitigation.
Review and maintain client information security policies and governance processes to ensure regulatory alignment.
Deliver compliance and security awareness training to client teams.
Partner with internal IT teams to implement integrated security and compliance solutions.
Recommend tools and partners (e.g., SIEM, EDR, MDM) to strengthen compliance and risk management programs.
Track evolving compliance requirements and guide clients in updating their processes and documentation.
Technical Familiarity
Cloud: AWS, GCP, Azure (IAM, network security, logging)
Compliance Tools: Drata, Vanta, Delve
Identity: Okta, Azure AD, Google Workspace
EDR: CrowdStrike, SentinelOne, Huntres
MDM: Mosyle, Jamf, Kandji
Collaboration: Jira, Asana, Notion, Slack
Networking/SaaS: VPNs, SSO, access reviews, data security
Qualifications
5+ years of experience in compliance, audit readiness, or GRC consulting (client-facing preferred).
Proven success managing SOC 2 or ISO 27001 readiness engagements end-to-end.
Strong understanding of information security principles, control frameworks, and risk management practices.
CISA, CISM, CISSP, or comparable compliance/governance certification.
Strong understanding of software engineering or DevOps principles.
PMP or other project management credential a plus.
Excellent communication skills: able to advise executives, auditors, and technical teams alike.
Strong project management and prioritization skills across multiple client engagements.
Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!
Be the first to apply. Receive an email whenever similar jobs are posted.
Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.
Consultant Q&A's